Network Watcher should be enabled: Add support for defining multiple resource groups

[robdock92]

Details of the scenario you tried and the problem that is occurring

When attempting to override the default value of "NetworkWatcherRG" of parameter resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6, the type is set to String so only one resource group can be named for Policy to check if a Network Watcher resource exists.

Our networking structure is defined per subscription, so the Network Watchers have been deployed per subscription as well, into their own Resource Groups. As such, we cannot provide an array to this parameter for Policy to check

Verbose logs showing the problem

Error: updating Scoped Policy Assignment (Scope: "/providers/Microsoft.Management/managementGroups/<mg-name>" Policy Assignment Name: "<mg_assignment_name>"): unexpected status 400 (400 Bad Request) with error: InvalidPolicyParameterType: The policy parameter 'resourceGroupName-b6e2945c-0b7b-40f5-9233-7a5323b5cdc6' does not match the expected parameter type defined in the policy definition '06f19060-9e68-4070-92ca-f15cc126059e version 1.4.0'. Details 'The expected policy parameter type: 'String'. The actual policy parameter type 'Array'.'.

Suggested solution to the issue

Modify the portion of the NetworkWatcher_enabled_audit.json code to accept and loop over an array of strings containing Resource Groups that should be monitored for Network Watcher resources.

If policy is Guest Configuration - details about target node

N/A